OPNsense is an open source, feature rich firewall and routing platform used by home users, small businesses, and enterprises around the world. OPNsense features “GeoIP” support, which allows you to block or allow traffic from specific countries using a geolocation database.
MaxMind’s GeoLite database has long been a popular choice for IP geolocation.
But IPLocate’s free IP to Country database is higher accuracy, updated more often, and has a more permissive license.
Here’s how to use IPLocate’s IP to Country database with OPNsense:
Get your database download link
- Sign up for a free IPLocate account
- Visit the downloads page
- Copy the link to the "IP to Country (GeoLite2-Compatible Format)" download (you can click the “Copy” icon, or right click the download link and select “Copy link address”)
Please note - this is a personal download link that includes your account’s API key. Keep it safe!
Set up OPNsense GeoIP to use IPLocate
- Log in to your OPNsense dashboard
- Navigate to Firewall > Aliases > GeoIP settings
- Paste in your personal download link from above into the URL box, and click Apply
Create a GeoIP alias in OPNsense
To create a GeoIP alias:
- Navigate to Firewall > Aliases
- Create a new alias
- Set the Type to GeoIP
- Configure your list of countries to include or exclude
- Save your changes
That's it! You can now use your GeoIP-based alias to block or allow traffic from specific countries.
I recommend checking out the OPNsense documentation for more details.
Top comments (0)